Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c5/9ab42a-df92-4e42-9e33-5c5892afa487/1/pag0GeCqVdLHCY4pszdWGn3sAsk.roa
File: pag0GeCqVdLHCY4pszdWGn3sAsk.roa (raw, json)
Hash identifier: KJJPqmVftQhIyPWzQy0VkGWSKaqxiPtfToEUS35Qrpc=
Subject key identifier: A5:A8:34:19:E0:AA:55:D2:C7:09:8E:29:B3:37:56:1A:7D:EC:02:C9
Certificate issuer: /CN=f04eb204f358004788224e2fb18e4d5e74bebf8d
Certificate serial: 018EB4C466EF3D0F834D4D995D81E877C3EC
Authority key identifier: F0:4E:B2:04:F3:58:00:47:88:22:4E:2F:B1:8E:4D:5E:74:BE:BF:8D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/8E6yBPNYAEeIIk4vsY5NXnS-v40.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c5/9ab42a-df92-4e42-9e33-5c5892afa487/1/pag0GeCqVdLHCY4pszdWGn3sAsk.roa
Signing time: Sat 06 Apr 2024 18:55:54 +0000
ROA not before: Sat 06 Apr 2024 18:55:54 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 0
IP address blocks: 123.253.212.0/23 maxlen: 23
141.98.137.0/24 maxlen: 24
141.98.139.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 22 Apr 2024 09:40:08 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:b4:c4:66:ef:3d:0f:83:4d:4d:99:5d:81:e8:77:c3:ec
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f04eb204f358004788224e2fb18e4d5e74bebf8d
Validity
Not Before: Apr 6 18:55:54 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=a5a83419e0aa55d2c7098e29b337561a7dec02c9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c5:d0:21:b0:2b:74:ef:f6:97:74:a6:16:4f:b3:
75:e4:06:f6:d7:35:a3:5e:8b:91:64:3a:48:70:50:
7f:0e:43:39:e7:fa:ac:3a:a3:7b:ba:f8:9f:5d:d5:
cc:5a:c3:e8:1a:6a:9c:cd:da:1d:49:8f:a0:1a:13:
3f:31:a6:88:55:e7:9e:d7:3e:f6:a5:91:d2:48:d6:
ac:ad:0a:cf:41:49:fd:c1:bb:06:02:28:ea:e5:b8:
d5:ee:dd:d5:38:e2:38:c7:8e:ee:87:de:6f:8f:b9:
d8:2c:a7:6e:10:a1:d5:6a:d1:d3:08:82:f1:be:51:
2a:5d:f5:42:ab:8e:1b:19:32:c0:f3:77:10:4f:10:
3a:c0:e7:af:d5:8e:30:d3:00:2f:f8:de:40:6b:51:
f7:68:37:6b:51:10:22:3a:25:09:29:f2:d8:a5:7f:
91:49:0e:2d:49:68:4c:be:06:51:c7:d3:b6:bf:46:
c2:f9:3c:a1:9b:5e:6f:76:b3:e6:08:2a:21:2e:42:
b6:6d:cf:18:63:7a:25:6c:a3:82:e3:37:35:c8:54:
cf:de:5b:e8:de:91:c1:ac:b2:d3:44:01:9f:60:40:
50:12:2e:fc:59:9d:5d:27:36:63:3e:34:e6:49:2b:
1c:61:25:af:f9:db:31:bd:af:ab:c9:2f:47:3e:f0:
5e:0d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A5:A8:34:19:E0:AA:55:D2:C7:09:8E:29:B3:37:56:1A:7D:EC:02:C9
X509v3 Authority Key Identifier:
keyid:F0:4E:B2:04:F3:58:00:47:88:22:4E:2F:B1:8E:4D:5E:74:BE:BF:8D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/8E6yBPNYAEeIIk4vsY5NXnS-v40.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c5/9ab42a-df92-4e42-9e33-5c5892afa487/1/pag0GeCqVdLHCY4pszdWGn3sAsk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c5/9ab42a-df92-4e42-9e33-5c5892afa487/1/8E6yBPNYAEeIIk4vsY5NXnS-v40.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
123.253.212.0/23
141.98.137.0/24
141.98.139.0/24
Signature Algorithm: sha256WithRSAEncryption
0d:eb:9e:53:b4:13:18:aa:1a:1d:c8:95:3f:5e:97:69:fe:14:
b7:d9:05:f2:39:8b:1c:bd:10:55:57:93:83:ad:bd:e7:df:20:
70:29:62:e2:6e:23:20:25:ef:37:50:06:d4:8f:d8:48:27:ce:
bc:f5:72:89:90:24:cd:4c:ec:33:a7:51:a2:97:ce:bc:26:73:
ae:9f:82:6d:df:90:fb:fc:a3:36:34:68:7a:02:11:f4:3f:54:
54:03:91:03:41:46:9b:3f:95:78:76:17:7b:7f:e9:ae:b9:37:
9b:c1:86:16:ea:a3:4e:81:fc:79:da:c4:24:e3:c4:ed:d5:b0:
df:ba:27:f1:cc:7d:c6:aa:55:57:fa:ac:75:0a:f1:8e:04:a0:
1d:c0:74:bf:f2:2f:74:98:28:10:7a:1a:2b:00:45:27:d8:8e:
0d:12:0c:5c:cc:1d:00:90:ae:53:27:11:65:b0:ca:38:d6:b1:
64:c5:8f:37:0d:29:85:61:df:ac:99:96:44:c1:f6:45:94:04:
6d:e9:b2:a6:99:02:cb:e9:ad:20:fb:66:85:9e:39:4f:73:3d:
32:05:26:f3:26:35:00:a8:35:1a:1b:31:7b:34:c5:4c:90:65:
75:47:81:f5:25:e4:64:8c:97:72:5c:bc:1f:21:74:91:13:b2:
5d:97:89:22
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAY60xGbvPQ+DTU2ZXYHod8PsMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGYwNGViMjA0ZjM1ODAwNDc4ODIyNGUyZmIxOGU0ZDVlNzRi
ZWJmOGQwHhcNMjQwNDA2MTg1NTU0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhNWE4MzQxOWUwYWE1NWQyYzcwOThlMjliMzM3NTYxYTdkZWMwMmM5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxdAhsCt07/aXdKYWT7N15Ab21zWj
XouRZDpIcFB/DkM55/qsOqN7uvifXdXMWsPoGmqczdodSY+gGhM/MaaIVeee1z72
pZHSSNasrQrPQUn9wbsGAijq5bjV7t3VOOI4x47uh95vj7nYLKduEKHVatHTCILx
vlEqXfVCq44bGTLA83cQTxA6wOev1Y4w0wAv+N5Aa1H3aDdrURAiOiUJKfLYpX+R
SQ4tSWhMvgZRx9O2v0bC+Tyhm15vdrPmCCohLkK2bc8YY3olbKOC4zc1yFTP3lvo
3pHBrLLTRAGfYEBQEi78WZ1dJzZjPjTmSSscYSWv+dsxva+ryS9HPvBeDQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFKWoNBngqlXSxwmOKbM3Vhp97ALJMB8GA1UdIwQY
MBaAFPBOsgTzWABHiCJOL7GOTV50vr+NMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOEU2eUJQTllBRWVJSWs0dnNZNU5YblMtdjQwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jNS85YWI0MmEtZGY5Mi00ZTQyLTllMzMt
NWM1ODkyYWZhNDg3LzEvcGFnMEdlQ3FWZExIQ1k0cHN6ZFdHbjNzQXNrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jNS85YWI0MmEtZGY5Mi00ZTQyLTllMzMtNWM1ODkyYWZhNDg3
LzEvOEU2eUJQTllBRWVJSWs0dnNZNU5YblMtdjQwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQBe/3UAwQA
jWKJAwQAjWKLMA0GCSqGSIb3DQEBCwUAA4IBAQAN655TtBMYqhodyJU/Xpdp/hS3
2QXyOYscvRBVV5ODrb3n3yBwKWLibiMgJe83UAbUj9hIJ8689XKJkCTNTOwzp1Gi
l868JnOun4Jt35D7/KM2NGh6AhH0P1RUA5EDQUabP5V4dhd7f+muuTebwYYW6qNO
gfx52sQk48Tt1bDfuifxzH3GqlVX+qx1CvGOBKAdwHS/8i90mCgQehorAEUn2I4N
EgxczB0AkK5TJxFlsMo41rFkxY83DSmFYd+smZZEwfZFlARt6bKmmQLL6a0g+2aF
njlPcz0yBSbzJjUAqDUaGzF7NMVMkGV1R4H1JeRkjJdyXLwfIXSRE7Jdl4ki
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:53:09 2024 by rpki-client on console-fra.rpki-client.org